Malwares

analyzers/Malwares/Malwares_GetReport.json

@@ -1,25 +1,39 @@
 {
-    "name": "Malwares_GetReport",
+  "name": "Malwares_GetReport",
-    "version": "1.0",
+  "version": "1.0",
-    "author": "LDO-CERT",
+  "author": "LDO-CERT",
-    "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
+  "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
-    "license": "AGPL-V3",
+  "license": "AGPL-V3",
-    "description": "Get the latest Malwares report for a file, hash, domain or an IP address.",
+  "description": "Get the latest Malwares report for a file, hash, domain or an IP address.",
-    "dataTypeList": ["file", "hash", "domain", "ip"],
+  "dataTypeList": ["file", "hash", "domain", "ip"],
-    "baseConfig": "Malwares",
+  "baseConfig": "Malwares",
-    "config": {
+  "config": {
-        "check_tlp": true,
+    "check_tlp": true,
-        "max_tlp": 3,
+    "max_tlp": 3,
-        "service": "get"
+    "service": "get"
-    },
+  },
-    "command": "Malwares/malwares.py",
+  "command": "Malwares/malwares.py",
-    "configurationItems": [
+  "configurationItems": [
-        {
+    {
-            "name": "key",
+      "name": "key",
-            "description": "Malwares.com API Key",
+      "description": "Malwares.com API Key",
-            "type": "string",
+      "type": "string",
-            "multi": false,
+      "multi": false,
-            "required": true
+      "required": true
-        }
+    }
-    ]
+  ],
+  "registration_required": true,
+  "subscription_required": true,
+  "free_subscription": true,
+  "service_homepage": "https://www.malwares.com/",
+  "service_logo": {
+    "path": "assets/malwares.png",
+    "caption": "logo"
+  },
+  "screenshots": [
+    {
+      "path": "assets/long_report.png",
+      "caption": "Malwares: long report"
+    }
+  ]
 }

analyzers/Malwares/Malwares_Scan.json

@@ -1,25 +1,39 @@
 {
-    "name": "Malwares_Scan",
+  "name": "Malwares_Scan",
-    "version": "1.0",
+  "version": "1.0",
-    "author": "LDO-CERT",
+  "author": "LDO-CERT",
-    "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
+  "url": "https://github.com/TheHive-Project/Cortex-Analyzers",
-    "license": "AGPL-V3",
+  "license": "AGPL-V3",
-    "description": "Use Malwares' API to scan a file or URL.",
+  "description": "Use Malwares' API to scan a file or URL.",
-    "dataTypeList": ["file", "url"],
+  "dataTypeList": ["file", "url"],
-    "baseConfig": "Malwares",
+  "baseConfig": "Malwares",
-    "config": {
+  "config": {
-        "check_tlp": true,
+    "check_tlp": true,
-        "service": "scan",
+    "service": "scan",
-        "max_tlp": 1
+    "max_tlp": 1
-    },
+  },
-    "command": "Malwares/malwares.py",
+  "command": "Malwares/malwares.py",
-    "configurationItems": [
+  "configurationItems": [
-        {
+    {
-            "name": "key",
+      "name": "key",
-            "description": "Malwares.com API Key",
+      "description": "Malwares.com API Key",
-            "type": "string",
+      "type": "string",
-            "multi": false,
+      "multi": false,
-            "required": true
+      "required": true
-        }
+    }
-    ]
+  ],
+  "registration_required": true,
+  "subscription_required": true,
+  "free_subscription": true,
+  "service_homepage": "https://www.malwares.com/",
+  "service_logo": {
+    "path": "assets/malwares.png",
+    "caption": "logo"
+  },
+  "screenshots": [
+    {
+      "path": "assets/long_report.png",
+      "caption": "Malwares: long report"
+    }
+  ]
 }

analyzers/Malwares/README.md

@@ -0,0 +1,9 @@
+### Malwares 
+[Malwares](https://www.malwares.com/) is a web service to collect, analyze and detect various malicious codes or malwares such as Trojans, Viruses, Worms so that customers or end-users can make proper security policies to take countermeasures against security threats.
+
+The analyzer comes in a two flavour that permit you to query different data types (file, hash, domain, ip) or submit new sample for analysis (file, hash).
+
+#### Requirements
+You need a valid Malware API subscription to use the analyzer.
+
+- Provide your API key as values for the `key` parameter.